Privacy Policy

This Privacy Notice for Tempus Prive UG (doing business as Tempus Privé) ('we', 'us', or 'our'), describes how and why we might access, collect, store, use, and/or share ('process') your personal information when you use our services ('Services'), including when you:

• —Visit our website at www.tempusprive.com or any website of ours that links to this Privacy Notice
• —Use Tempus Privé, a digital auction platform for luxury watch collectors
• —Engage with us in other related ways, including any marketing or events

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at info@tempusprive.com.

Table of Contents

1. What Information Do We Collect?
2. How Do We Process Your Information?
3. What Legal Bases Do We Rely On?
4. When and With Whom Do We Share Your Information?
5. Do We Use Cookies?
6. How Long Do We Keep Your Information?
7. How Do We Keep Your Information Safe?
8. Do We Collect Information From Minors?
9. What Are Your Privacy Rights?
10. Do-Not-Track Features
11. Updates to This Notice
12. How Can You Contact Us?

1. What Information Do We Collect?

Personal information you disclose to us

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You. The personal information that we collect may include:

• —Names
• —Phone numbers
• —Email addresses
• —Mailing addresses
• —Usernames and passwords
• —Contact preferences
• —Debit/credit card numbers and billing addresses
• —Government-issued identification documents (for KYC verification)

Payment Data. We may collect data necessary to process your payment. All payment data is handled and stored by Stripe (Stripe Europe entity) and NOWPayments.

KYC Data. To comply with Anti-Money Laundering (AML) regulations, we collect and verify government-issued identification documents through our identity verification partner, Veriff. All KYC verification results are manually reviewed by our compliance team before final approval.

Information automatically collected. We automatically collect certain information when you visit, use, or navigate the Services, including your IP address, browser and device characteristics, operating system, language preferences, referring URLs, and other technical information.

2. How Do We Process Your Information?

We process your personal information for a variety of reasons, including:

• —To facilitate account creation and authentication
• —To deliver and facilitate delivery of services to the user
• —To respond to user inquiries and offer support
• —To send administrative information
• —To fulfil and manage your orders
• —To enable user-to-user communications
• —To protect our Services and prevent fraud
• —To verify user identity and comply with anti-money laundering regulations

3. What Legal Bases Do We Rely On?

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on to process your personal information:

• —Consent: Marketing communications, analytics cookies, marketing cookies
• —Performance of a Contract: Account creation, service delivery, payment processing
• —Legal Obligations: KYC/AML compliance, tax obligations, regulatory reporting
• —Legitimate Interests: Platform security, fraud prevention, service improvement

4. When and With Whom Do We Share Your Information?

We may share your data with third-party service providers who perform services for us:

• —Identity Verification: Veriff (KYC checks)
• —Payment Processors: Stripe (card payments), NOWPayments (cryptocurrency)
• —Communication Services: Email and SMS providers
• —Analytics: Google Analytics (EU data processing enabled)
• —Hosting: AWS (EU - Frankfurt region)

What We Never Do: We will never sell your personal information, share your information with advertisers without consent, disclose KYC documents except as required by law, or transfer your data outside the EU without adequate safeguards.

5. Do We Use Cookies?

We may use cookies and similar tracking technologies to gather information when you interact with our Services. Your consent is required for non-essential cookies (analytics, marketing). You can manage your cookie preferences at any time through the "Cookie Settings" link in our website footer.

For detailed information, please see our Cookie Policy.

6. How Long Do We Keep Your Information?

• —KYC Documents: 7 years from account closure (AML regulations)
• —Transaction Records: 7 years from transaction date (tax regulations)
• —Essential Account Data: 7 years from last activity
• —Marketing Data: Until you withdraw consent
• —Analytics Data: 26 months

7. How Do We Keep Your Information Safe?

We have implemented appropriate technical and organisational security measures:

• —All data encrypted using TLS 1.3+ in transit and AES-256 at rest
• —All servers located in AWS EU (Frankfurt, Germany)
• —Role-based access control and multi-factor authentication
• —PCI DSS compliant payment processing
• —Regular security audits and incident response procedures

8. Do We Collect Information From Minors?

We do not knowingly collect data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 years old. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to delete such data.

9. What Are Your Privacy Rights?

If you are located in the EEA, UK, or Switzerland, you have the following rights under GDPR:

• —Right of Access: Request copies of your personal information
• —Right to Rectification: Request correction of inaccurate information
• —Right to Erasure: Request deletion of your data (subject to legal retention requirements)
• —Right to Restrict Processing: Request limitation of data processing
• —Right to Data Portability: Request transfer of your data
• —Right to Object: Object to processing based on legitimate interests
• —Right to Withdraw Consent: Withdraw consent at any time

To exercise your rights, contact us at privacy@tempusprive.com. Response time: within 1 month.

10. Do-Not-Track Features

We respect your privacy choices and provide granular control over cookies through our cookie consent banner and Cookie Settings interface.

11. Updates to This Notice

We may update this Privacy Notice from time to time. We will notify you of any material changes by posting the updated policy with a new "Last updated" date and sending you an email notification (if you have an account with us).

12. How Can You Contact Us?

If you have questions or comments about this notice, you may contact us at: